I've just spoken with a friend of mine* who is in charge of check and electronic payment processing at a regional bank. Her response to the story is that the only way that a check maker could get a recipient's account information is if the check is valid and if the recipient had written/stamped the account information on the check. The check maker would have an electronic image of the deposited check available. This includes a NSF (overdraft) check that was returned unpaid. If the check is not a valid check from an actual account the check is returned unpaid to the cashing bank; the defrauding check maker would get no information at all.

So, boiled down, the receiving account information goes to the writer of a valid check (even if an overdraft) only if the person cashing or depositing the check puts the account information on the check themselves.

Lots of banks write the account number on the back of the check when they cash it. This helps with their reconciliation. The bank also stamps information on the back for routing.

Even if that were true 1) you're giving that info out every time you're writing a check so that information isn't secret to begin with and 2) there would still be no way for a phony check to get back to the fraudsters.

Someone from [claiming to be from America, not Nigeria, for a change] contacted my business and ordered a large amount of high end services. The chargeable amount is in the multiple thousands, and we went back and forth a little pinning down details, about which my contact was vague, claiming to be 'the father of the groom, who is footing the bill, but the bride will be in touch to clarify specifics'
Which was slightly odd, but not unbelievable.
Anyway, he offers to put down a $6k deposit as a proof of intent, so I'm thinking it's legit. He wants to pay by credit card, and my floor limit for 'card-not-sighted' transactions is $0, so I call the bank to make an arrangement, at which point I was told about the scam and warned not to take the payment, even if I could.
What scam?
Well, how it goes [and how it continued to play out until I pulled the plug] is that they pay the big chunk of cash by credit card, and deposit another $1500 on top, asking that it be disbursed to a local agent, who is co-ordinating some other part of the plans, saving the customer from making multiple international transfers.
The money comes into the account, so you feel safe to send on the extra money to the agent.
BUT
Card-not-sighted transactions have a massive 6 months window in which the card-holder can claim that they didn't actually approve the transaction, and the funds can be reclaimed. Including the $1500 that the mark paid out to a third party.
And that's where the scammer wins.

It was fascinating to see the scenario play out as the bank predicted, with the request to handle funds for the third party, right on cue. Once I stated that I cound not at all take credit card payments, and suggested that they could use their credit card through Pay-Pal, all communication stopped cold.

I've since had a number of similar approaches, and everytime, as soon as I say I can't take credit-card payments directly [even though I suggest multiple alternatives] they magically disappear.

It's a more labour intensive scam, [multiple emails which felt a bit generic, but the explanation of the father of the groom almost covered it] but I'd imagine it would have a higher success rate.
I know of two local companies in the same line of business, who have each lost several thousand dollars to a similar scam, [once they'd agreed to pass on the funds to the third party, the amount to disburse jumped up, but because they could see the deposit in their account, they thought it was legit. IIRC it was at least 6 weeks later that the original payment was reversed].

They've been told there's nothing they can do to reclaim the money, as they paid it directly into the nominated account, which had since been closed, and technically nothing links that account to the fraud.
And the return of funds for 'stolen information' is also legitimate.